<?php

if (!defined('TOBBIVM'))
	header('location:/template/notrepassing.php');
/**
 * This file is part of TobbiVMShop.
 *
 * TobbiVMShop is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * TobbiVMShop is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with TobbiVMShop.  If not, see <http://www.gnu.org/licenses/>.
 */

/**
 * Page user->admin
 * Editing Admin-Users and privileges
 *
 * @version    $Id$
 * @package    TobbiVM-Shop
 * @copyright  Copyright (C) 2012
 * @author     Norbert Gebert
 * @license    GPL3
 */
function contentPage($refPage, $page, $subpage, $refValidate)
{
	if (isset($_GET['func']))
	{
		if ($refValidate->cleanslash($_REQUEST['submit']) === _('Cancel'))
		{ // get the admin-table
			$pagefile = 'module/page/user/admin.page.table.php';
			if (is_file($pagefile))
				include_once $pagefile;
		}
		else if ($refValidate->cleanslash($_REQUEST['submit']) === _('New'))
		{ // Create new Datarow and open Editor
			$data = Array('user_name' => 'New User');
			db::getInstance()->INSERT('user', $data);
			$_GET['name'] = 'New User';

			$pagefile = 'module/page/user/admin.page.editor.php';
			if (is_file($pagefile))
				include_once $pagefile;
		}
		else if ($refValidate->cleanslash($_REQUEST['submit']) === _('Delete'))
		{ // Delete Userentry
			if (!empty($_POST['marker']))
			{
				$pagefile = 'module/page/user/admin.page.delete.php';
			}
			else
			{
				$pagefile = 'module/page/user/admin.page.table.php';
			}
			if (is_file($pagefile))
				include_once $pagefile;
		}
		else if ($refValidate->cleanslash($_REQUEST['submit']) === _('Delete now'))
		{ // deleted entries permanently
			$deleteIds = explode('-', $refValidate->cleanslash($_POST['deleteIds']));

			foreach ($deleteIds as $value)
			{
				if (!empty($value))
				{
					db::getInstance()->where('user_id', $value);

					if (db::getInstance()->delete('user'))
					{
						message::setNoteRow(_('Entry, ID') . ': ' . $value .
							_(' successful deleted.'));
					}
					else
					{
						message::setErrorRow(_('Entry, ID') . ': ' . $value .
							_(' could not deleted!'));
					}
				}
			}
			$pagefile = 'module/page/user/admin.page.table.php';
			if (is_file($pagefile))
				include_once $pagefile;
		}
		else if ($refValidate->cleanslash($_REQUEST['submit']) === _('Save') and
			isset($_POST['psw']))
		{ // create and save new Password
			if ($refValidate->cleanslash($_POST['psw']) === $refValidate->cleanslash($_POST['idxx']))
			{
				$idx = $refValidate->testNumber($_POST['idxx'], _('Admin-ID'));

				db::getInstance()->where('user_id', $idx);
				$admin = db::getInstance()->getOne('user');
				$passwordx = $refValidate->testText($_POST['passwordx'], _('Admin-PSW'), 12, 64);

				if (!empty($passwordx))
				{
					message::setNoteRow(_('New Password for User') . ': ' .
						$admin['user_name'], true);
					message::setNoteRow(_('Password') . ': ' . $passwordx, true);

					$secureidx = substr(md5($admin['user_name'] . time() . SECURE), 0, 10);
					$passwordx = md5($passwordx . $secureidx);

					$data = Array(
					 'user_secureid' => $secureidx,
					 'user_password' => $passwordx);
					db::getInstance()->where('user_id', $idx);

					if (db::getInstance()->update('user', $data))
					{
						message::setNoteRow(_('New password saved successfull!'), true);
					}
					else
					{
						message::setErrorRow(_('New password coud not save!'), true);
					}
				}
				else
				{
					message::setErrorRow(_('A Password must have min. 12 Chars !'), true);
					message::setErrorRow(_('The User has been deactivated.'));
					$data = Array('user_active' => 0);
					db::getInstance()->where('user_id', $idx);
					db::getInstance()->update('user', $data);
				}
			}
			$pagefile = 'module/page/user/admin.page.table.php';
			if (is_file($pagefile))
				include_once $pagefile;
		}
		else if ($refValidate->cleanslash($_REQUEST['submit']) === _('Save'))
		{ // save data and then get the admin-table
			$pagefile = 'module/page/user/admin.page.save.php';
			if (is_file($pagefile))
				include_once $pagefile;

			$pagefile = 'module/page/user/admin.page.table.php';
			if (is_file($pagefile))
				include_once $pagefile;
		}
		else if ($refValidate->cleanslash($_REQUEST['submit']) === _('New password'))
		{ // save data and then get the admin-table
			$pagefile = 'module/page/user/admin.page.password.php';
			if (is_file($pagefile))
				include_once $pagefile;
		}
	}
	else
	{
		if (isset($_GET['name']))
		{ // Edit userentry
			$pagefile = 'module/page/user/admin.page.editor.php';
			if (is_file($pagefile))
				include_once $pagefile;
		}
		else
		{
			// get the admin-table
			$pagefile = 'module/page/user/admin.page.table.php';
			if (is_file($pagefile))
				include_once $pagefile;
		}
	}
}

?>